A primary concern many of today’s organizations is how to securely migrate their data and workloads to the cloud. To mitigate these challenges, multi-layered protection needs to be in place at all points along the path of data: entering, exiting, and within the cloud. Join Fortinet and AWS to learn how you can enable robust and effective security for your AWS Cloud-based applications and services. Fortinet provides a comprehensive security solution for your hybrid workloads, allowing you to effectively secure your workloads with simplified, automated migration.
Join us to learn:
- The best practices for enabling visibility and control against advanced threats
- Identify and enable the right security architecture for your applications and services
- How to protect your data along each step of the migration process
Who should attend: CTOs, CIOs, CISOs, IT Administers, IT Architects and IT Security Engineers
2. $6.53M 56% 70%
Your data and IP are your most valuable assets
https://www.csid.com/resources/stats/data-breaches/
Increase in theft of hard
intellectual property
http://www.pwc.com/gx/en/issues/cyber-
security/information-security-survey.html
Of consumers indicated
they’d avoid businesses
following a security breach
https://www.csid.com/resources/stats/data-
breaches/
Average cost of a
data breach
3. In June 2015, IDC released a report which found that most customers can be more secure
on AWS than their on-premises environment. How?
AWS can be more secure than your existing environment
Automating logging
and monitoring
Simplifying
resource access
Making it easy to
encrypt properly
Enforcing strong
authentication
4. AWS Foundation Services
Compute Storage Database Networking
AWS Global Infrastructure
Regions
Availability Zones
Edge Locations
Identity &
Access Control
Network
Security
Customer applications & content
You get to
define your
controls ON
the Cloud
AWS takes
care of the
security OF
the Cloud
You
Inventory
& Config
Data
Encryption
AWS and you share responsibility for security
5. The AWS infrastructure is protected by extensive network and security
monitoring systems:
Network access is monitored by AWS
security managers daily
AWS CloudTrail lets you monitor
and record all API calls
Amazon Inspector automatically assesses
applications for vulnerabilities
Constantly monitored
6. The AWS infrastructure footprint protects your data from costly downtime
33 Availability Zones in 12 regions for
multi-synchronous geographic redundancy
Retain control of where your data resides
for compliance with regulatory requirements
Mitigate the risk of DDoS attacks using
services like AutoScaling, Amazon Route 53
Highly available
7. AWS enables you to improve your security using many of your existing
tools and practices
Integrate your existing Active Directory
Use dedicated connections as a secure,
low-latency extension of your data center
Provide and manage your own encryption
keys if you choose
Integrated with your existing resources
10. Fortinet’s Enterprise NGFW /
UTM functionality builds on AWS
Security Groups to offer enhanced
security for your VPC
IPS – Antivirus – Application Control
Web Filtering – VPN – DLP
A suite of products focused on
protecting your AWS workloads
against cyber-threats
Monitor DefendAssess
Fortinet and AWS offering
11. Availability zone 2Availability zone 1
FortiGate 1 FortiGate 2
Elastic load
balancing
EC2
instances
FortiWeb 2FortiWeb 1
IPSec VPN
FortiGate
NGFW
FortiManager
FortiAnalyzer
Corp
Servers
Who:
E-Learning company
Goals:
Protect web properties and layer in
IPS FW technology
Single-vendor solution
Commonality for corporate security
Solution:
FortiGate NGFW for IPS
FortiWeb WAF for web properties
Multi-VPC design (Dev, QA,
Product)
FortiManager and FortiAnalyzer to
manage security policies on
premise and in AWS
Fortinet and AWS customer case study
EC2
instances
AWS customer
gateway
Amazon Route 53
Amazon
VPC
Fortinet centralized
management and reporting
across hybrid Cloud
Data center
AWS internet
gateway
AWS Cloud
AWS Region
12. Remove your cloud
security concerns
Nick Matthews, Security Ecosystem Solutions Architect, AWS
Dave Morrissey, Director – Cloud Service Providers, Fortinet
18-August 2016
13. Fortinet facts
Devices shipped
>2.6M
Unit share worldwide
#1
Patents
320
Patents pending
258
In Network Security (IDC)
Founded
2000
FY15 Revenue
$1B
Customers
>280K
Sunnyvale, CA
14. Fortinet is trusted
Fortune Companies
in America
of the top
7 10
Fortune Companies
in EMEA
of the top
8 10
Fortune Companies
in APAC
of the top
9 10
Fortune Telecommunications
Companies
of the top
10 10
Fortune Retail and
Commercial Banks
of the top
9 10 7 10
Aerospace and Defense
of the top
15. The threat is real
“There are only two
types of companies:
those that have been
hacked, and those that
will be.”
Robert Mueller, FBI Director, 2012
16. Public cloud market is estimated
to reach
Security must adapt
Internet users
3.2B
Smartphones shipped
worldwide
1.3B
New devices per year
through 2020
3B
Increase in cyber threats
10,000x $191B
17. Too much focus on compliance
Enterprises spend too much on
checking boxes down a list.
Too risk based
Taking a reactive approach only
addresses known threats, not the
new unknowns.
Too many point solutions
Too many different security vendors
whose products do not communicate
with one another.
Today’s standard approaches no longer work
19. Fortinet - Globally supported in AWS
Fortinet is supported in
all 12 AWS Regions +
the 5 new 2016 regions:
Americas: East-VA, West-OR,
West-CA, GovCloud, S. America-
São Paulo. 2016: Ohio, Montreal
EMEA: Ireland, Frankfurt 2016: UK
APAC: Singapore, Tokyo,
Sydney, Seoul, Beijing 2016: India
20. Fortinet - Complements AWS security
AWS ‘Security Groups’
Quick turn-up with Basic Network Segmentation & NACLs
AWS recommends using 3rd-party security
“If you have requirements that
aren't met by security groups, you
can maintain your own firewall on
any of your instances in addition to
using security groups.”
21. Fortinet - Advanced workload security
Fortinet Enhanced Security
Enterprise NGFW / UTM functionality
Application
Control
Antivirus
DLPIPS
Threat Research
Web
Filtering
VPN
Antispam WAF
22. Fortinet - Helps protect Your cloud data
545,000 Network Intrusion
Attempts resisted
140,000 Malware programs
neutralized
170,000 Malicious Website
accesses blocked
310,000 Botnet C&C attempts
thwarted
100 Intrusion prevention rules
per week
416,000 Hours of threat
research globally per year
290 Terabytes of threat
samples
18,000 Intrusion Prevention
rules
312 Zero-day threats
discovered
Per Minute Updates Per Week FortiGuard Database
Based on Q2 2016 data
23. AWS
Responsible for
security ‘of’ the
cloud
Customer
Responsible for
security ‘on’ the
cloud
Fortinet - Comprehensive solutions in AWS
On Demand:
Available by the hour or annual subscription
FortiCare & FortiGuard included in pricing
Products supported today
FortiGate-VM Multi-Threat NGFW
FortiWeb-VM Web Application Firewall
FortiManager-FGT Centralized Management
FortiAnalyzer-VM Centralized Reporting
FortiMail-VM Secure Email Gateway
FortiManager-FWB Centralized Management
FortiGate-VM On Demand or BYOL
FortiWeb-VM On Demand or BYOL
FortiManager-VM BYOL
FortiAnalyzer-VM BYOL
FortiMail-VM BYOL
Shared security model
Customer Data
Platform, applications, identity & access management
Operating system, network, firewall configuration
Client-side data
encryption & data
integrity
authentication
Server-side
encryption (File
system and/or
data)
Network traffic
protection
(Encryption/Integr
ity/Identity)
Compute Storage Database Networking
AWS Global
Infrastructure
Regions
Availability zones
Edge locations
24. Fortinet - AWS customer focus
Span cloud & premise with ‘single pane of glass’ Analysis & Mgmt Enabling repeatable, scalable, resilient and secured architectures for
customers moving from Premise to AWS
Increased VM instance Performance
Security Elasticity with Auto Scaling Templates
High Availability Automated Templates
Expanded Capacity with larger VMs
(6) products today 2016 additions planned
AWS-AMI have same functionality as hardware platforms
Managed Service options through select MSSPs
In-house team of 200+
Rapid ability to detect AND protect against threats
=Strategic integration Simplify cloud migration=Unified security posture Security consistency
Deep solution breath Deep commitment to AWS= Integrated threat research Rapid detection=
25. Fortinet - Proven AWS security partner
Fortinet is a Premium
AWS Partner
Unified Security Posture
Solution Focused
Strategic Integration
Integrated Threat Research
Cloud Resources
& Tools
Free Trials, Free HA Lab
Dedicated Engineering /
Development
Cloud-Customer
Focused
Flexible Deployment - On
Demand and BYOL
Deployment Templates - HA /
Auto Scaling
Global Support
Leverage Fortinet to Secure Your AWS Workloads